Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't rely on libcrypto returning static buffers #240

Merged
merged 1 commit into from
May 31, 2024
Merged

Don't rely on libcrypto returning static buffers #240

merged 1 commit into from
May 31, 2024

Conversation

botovq
Copy link
Contributor

@botovq botovq commented May 30, 2024

ldns is one of very few applications relying on being able to pass NULL as last argument to the one-step hashing functions. BoringSSL has removed this functionality in 2017 1 and LibreSSL 4.0 will do the same. Applications can pass in a correctly-sized buffer on the stack.

@botovq
Don't rely on libcrypto returning static buffers
86629fe 
ldns is one of very few applications relying on being able to pass
NULL as last argument to the one-step hashing functions. BoringSSL
has removed this functionality in 2017 [1] and LibreSSL 4.0 will do
the same. Applications can pass in a correctly-sized buffer on the
stack.

[1]: https://boringssl-review.googlesource.com/14528
bob-beck pushed a commit to openbsd/ports that referenced this pull request May 30, 2024
@botovq
ldns: fix for removal of static buffers in SHA1() and MD5()
ae3afb0 
Also remove a no longer necessary patch.
NLnetLabs/ldns#240
@wtoorop wtoorop merged commit 4137510 into NLnetLabs:develop May 31, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wtoorop wtoorop wtoorop approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@botovq @wtoorop